Refactor user permission handling to utilize hierarchy levels across user credential retrieval and role management. Update permission checks in user_roles.php and enhance session management in index.php for improved security and consistency.

index.php

@@ -29,16 +29,23 @@ include_once dirname(__FILE__).'/settings/countries.php';
 //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 //GET USER PERMISSION ASSIGNED
 //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-if (!isset($_SESSION['authorization']['id'])){
+if (!isset($_SESSION['authorization']['id']) && isset($_SESSION['authorization']['userkey'])){
 
     $api_url = '/v2/user_permissions/userkey='.$_SESSION['authorization']['userkey'];
     $responses = ioServer($api_url,'');
     //Decode Payload
     if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = null;}
-    
+
     //STORE DATA IN SESSION
-    foreach($responses as $key => $value){
-        $_SESSION['authorization'][$key] = $value;
+    if (is_array($responses) && !isset($responses['error'])) {
+        foreach($responses as $key => $value){
+            $_SESSION['authorization'][$key] = $value;
+        }
+    } else {
+        // API call failed or returned error - redirect to login
+        session_destroy();
+        header('location: login.php');
+        die();
     }
 }